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Listing of Claims : 

1 . (currently amended) A method for scanning network devices 
connected to a network, comprising: 

(a) detecting connection of a first network device to the network; and 

(b) performing remote agentless scanning of the first network device 
automatically in response to detection of the first network device. 

2. (original) The method of claim 1 wherein step (a) further comprises 
inspecting data packets communicated over the network. 

3. (original) The method of claim 1 wherein the detecting step further 
comprises querying a database. 



4. (original) The method of claim 3 farther comprising continuously 
broadcasting pings on the network, continuously examining address resolution 
protocol tables, continuously monitoring event logs, transmitting a Lightweight 
Directory Access Protocol (LDAP) query, and transmitting a Domain Name System 
query. 

5. (original) The method of claim 1 wherein step (b) further comprises 
determining at least one of whether the first network device is plugged into a wall 
socket, whether the first network device is connecting to the network via wireless 
access, and whether the first network device is connecting to the network via wireless 
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access, and whether the first network device is connecting to the network via a 
Virtual Private Network. 

6. (original) The method of claim 1 wherein step (b) further comprises 
determining a property of the first network device. 

7. (original) The method of claim 1 wherein step (b) further comprises 
determining a property of the first network device. 

8. (original) The method of claim 7 wherein the determining of the identity 
of the first network device further comprises at least one of querying a database 
where the type has been determined, examining network traffic, analyzing network 
behavior, probing the first network device for signature responses, attempting to log 
into the device using a series. of protocols, logging into the first network device and 
querying data within the device. 

9. (original) The method of claim 1 wherein step (b) further comprises 
scanning at least one of a configuration, file, data, a software version, a patch, 
inventory, hardware, and a security vulnerability of the first network device. 

10. (original) The method of claim 1 wherein step (b) further comprises 
updating at least one of a configuration, file, data, a software version, inventory, and 
a security vulnerability of the first network device. 
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1 1 . (original) The method of claim 1 wherein step (b) further comprises 
comparing at least one security setting of the first network device with a 
predetermined security setting. 

12. (original) The method of claim 1 wherein step (b) further comprises at 
least one of installing a software patch on the first network device, installing anti-virus 
software on the first network device, and determining if the first network device is part 
of a windows domain. 

13. (original) The method of claim 1 further comprising at least one of 
enabling the first network device to have additional access to the network, denying 
the first network device access to the network, notifying another about the first 
network device based on results of the scan, and quarantining the first network 
device. 

14. (original) The method of claim 1 further comprising at least one of 
setting a security policy on the first network device, auditing the security policy of the 
first network device, ensuring compliance with a predetermined security policy, and 
reporting results. 

15. (currently amended) An apparatus for remote agentless scanning of 
network devices on a network comprising: 
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(a) a detecting module that detects connection of a first network device to the 
network; and 

(b) a scanning module that performs remote agentless scanning of the first 
network device automatically in response to the detection of the first network device. 

16. (original) The apparatus of claim 1 5 wherein the detecting module 
continuously polls a database for data corresponding to newly attached network 
devices. 

17. (original) The apparatus of claim 16 wherein the scanning module 
remotely scans the first network device upon detecting data corresponding to the first 
network device in the database. 

1 8. (original) The apparatus of claim 1 5 further comprising a history 
database storing scan results of a scan performed by the scanning module. 

1 9. (original) The apparatus of claim 15 wherein the scanning module can 
at least one of enable the first network device to have additional access to the 
network, deny the first network device access from the network, notify another about 
the first network device based on results of the scan, and quarantine the first network 
device. 
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20. (original) The apparatus of claim 15 further comprising a security policy 
management module for at least one of setting a security policy on the first network 
device, auditing the security policy of the first network device, ensuring compliance 
with a predetennined security policy, and reporting results. 

21 . (currently amended) A method for examining a first network device 
connected to a network, comprising: 

(a) querying a database for data representing connection of network devices 
to a network; 

(b) determining connection of a first network device to the network by locating 
data about the first network device in the database; 

(c) determining properties associated with the first network device to 
determine the identity of the first network device; 

(d) determining items to scan based on at least one of the properties; and 

(e) performing remote scanning of the first network device automatically in 
response to the determination of the connection of the first network device to the 
network. 

22. (original) The method of claim 21 wherein step (c) further comprises 
determining at least one of credentials associated with the first network device and 
type of the first network device. 
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23. (original) The method of claim 21 wherein step (c) further comprises at 
least one of querying a database where the identity has already been determined, 
examining network traffic, analyzing network behavior, probing the device for 
signature responses, and logging into the device to query data. 

24. (original) The method of plaim 21 wherein step (e) further comprises 
selecting a set of security policy settings to audit. 

i 

25. (original) The method of plaim 21 further comprising at least one of 
allowing the first network device to have additional access to the network, denying 
access to the network, notifying another about the first network device based on 
results of the remote scanning, and quarantining the first network device. 

» 

26. (currently amended) A method for scanning network devices connected 

i 

to a network, comprising: 

(a) detecting connection of a first network device to the network; and 

(b) performing remote scanning of the first network device automatically in 

response to detection of the first netwoijk device. 

i 

i 
i 

i 
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